[El-errata] ELSA-2025-4362 Moderate: Oracle Linux 8 ghostscript security update

[Errata Announcements for Oracle Linux]

Oracle Linux Security Advisory ELSA-2025-4362

http://linux.oracle.com/errata/ELSA-2025-4362.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
ghostscript-9.27-16.el8_10.x86_64.rpm
ghostscript-x11-9.27-16.el8_10.x86_64.rpm
libgs-9.27-16.el8_10.i686.rpm
libgs-9.27-16.el8_10.x86_64.rpm
ghostscript-doc-9.27-16.el8_10.noarch.rpm
ghostscript-tools-dvipdf-9.27-16.el8_10.x86_64.rpm
ghostscript-tools-fonts-9.27-16.el8_10.x86_64.rpm
ghostscript-tools-printing-9.27-16.el8_10.x86_64.rpm
libgs-devel-9.27-16.el8_10.i686.rpm
libgs-devel-9.27-16.el8_10.x86_64.rpm

aarch64:
ghostscript-9.27-16.el8_10.aarch64.rpm
ghostscript-x11-9.27-16.el8_10.aarch64.rpm
libgs-9.27-16.el8_10.aarch64.rpm
ghostscript-doc-9.27-16.el8_10.noarch.rpm
ghostscript-tools-dvipdf-9.27-16.el8_10.aarch64.rpm
ghostscript-tools-fonts-9.27-16.el8_10.aarch64.rpm
ghostscript-tools-printing-9.27-16.el8_10.aarch64.rpm
libgs-devel-9.27-16.el8_10.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//ghostscript-9.27-16.el8_10.src.rpm

Related CVEs:

CVE-2020-27792
CVE-2023-46751
CVE-2024-46951
CVE-2024-46952
CVE-2024-46953
CVE-2024-46954
CVE-2024-46956




Description of changes:

[9.27-16]
- RHEL-18396 CVE-2023-46751 ghostscript: dangling pointer in gdev_prn_open_printer_seekable()
- RHEL-67046 CVE-2024-46951 ghostscript: Arbitrary Code Execution in Artifex Ghostscript Pattern Color Space
- RHEL-15067 CVE-2020-27792 ghostscript: heap buffer over write vulnerability in GhostScript's lp8000_print_page() in gdevlp8k.c
- RHEL-67051 CVE-2024-46954 ghostscript: Directory Traversal in Ghostscript via Overlong UTF-8 Encoding
- RHEL-67051 CVE-2024-46953 ghostscript: Path Traversal and Code Execution via Integer Overflow in Ghostscript
- RHEL-67051 CVE-2024-46956 ghostscript: Out-of-Bounds Data Access in Ghostscript Leads to Arbitrary Code Execution